stergos Posted April 14, 2011 Posted April 14, 2011 Hi please I need some help with cpanel or .htaccess to Block an IP which is attack to my website right now! I try to use IP Deny Manager but the attacker is still there ( did this need time to kick him? ) I try to use to .htaccess: order allow,deny deny from 92.239.4.112 allow from all But he still there and he flooding my website. This is my .htaccess info please tell me where exactly I place the block code I need a help!!! .htaccess ASCII text # -FrontPage- IndexIgnore .htaccess */.??* *~ *# */HEADER* */README* */_vti* <Limit GET POST> #The next line modified by DenyIP order allow,deny #The next line modified by DenyIP #deny from all allow from all </Limit> <Limit PUT DELETE> order deny,allow deny from all </Limit> AuthName e-hacking.com AuthUserFile /home1/stergos/public_html/_vti_pvt/service.pwd AuthGroupFile /home1/stergos/public_html/_vti_pvt/service.grp RewriteEngine On RewriteCond %{HTTP_HOST} ^e-hacking.com RewriteRule (.*) http://www.e-hacking.com/$1 [R=301,L] <Files 403.shtml> order allow,deny allow from all </Files>
olirav Posted April 14, 2011 Posted April 14, 2011 Hi please I need some help with cpanel or .htaccess to Block an IP which is attack to my website right now! I try to use IP Deny Manager but the attacker is still there ( did this need time to kick him? ) I try to use to .htaccess: order allow,deny deny from 92.239.4.112 allow from all But he still there and he flooding my website. This is my .htaccess info please tell me where exactly I place the block code I need a help!!! .htaccess ASCII text # -FrontPage- IndexIgnore .htaccess */.??* *~ *# */HEADER* */README* */_vti* <Limit GET POST> #The next line modified by DenyIP order allow,deny #The next line modified by DenyIP #deny from all allow from all </Limit> <Limit PUT DELETE> order deny,allow deny from all </Limit> AuthName e-hacking.com AuthUserFile /home1/stergos/public_html/_vti_pvt/service.pwd AuthGroupFile /home1/stergos/public_html/_vti_pvt/service.grp RewriteEngine On RewriteCond %{HTTP_HOST} ^e-hacking.com RewriteRule (.*) http://www.e-hacking.com/$1 [R=301,L] <Files 403.shtml> order allow,deny allow from all </Files> Not sure about this but try changing the order from order deny,allow deny from all to order deny,allow deny from 92.239.4.112 allow from all like i said not sure as i cant try it out but give it a whirl
stergos Posted April 14, 2011 Author Posted April 14, 2011 Thank you for fast reply I try it but he still there Why deny IP manager is not working?
olirav Posted April 14, 2011 Posted April 14, 2011 How do you know that is the ip adress the attack is coming from, are you sure he isn't flicking through proxyies?
stergos Posted April 14, 2011 Author Posted April 14, 2011 How do you know that is the ip adress the attack is coming from, are you sure he isn't flicking through proxyies? I use a stat site "w3counter.com" which is show me live who is online/page visit/ip/everything!
olirav Posted April 14, 2011 Posted April 14, 2011 And the visits are still racking up from them? Also where is your htaccess file located? oli
stergos Posted April 14, 2011 Author Posted April 14, 2011 And the visits are still racking up from them? Also where is your htaccess file located? oli yes page loads is counted, my htaccess file is on the root with the index page located. It's must the right place cause as you see I use redirect and is working fine. There is also located to other folders like "_Private" "vti-pvt" "vti-log" "vti-txt" "vti-cnf" "vti-bin" I have to leave for a while but the bot is still there... admin if you see this post please ban this ip 92.239.4.112 for me if you have that ability and please reply the method because deny ip manager from cpanel is not working. My username: stergos Thank you very much!
jje Posted April 14, 2011 Posted April 14, 2011 I just blocked myself from my own site via IP Deny Manager (lol) and now when I access my site I see 403 Forbidden? Looks like IP Deny is working from my end then? After using the IP Deny Manager, my htaccess looked like: <Files 403.shtml> order allow,deny allow from all </Files> deny from **.***.***.***
stergos Posted April 14, 2011 Author Posted April 14, 2011 I just blocked myself from my own site via IP Deny Manager (lol) and now when I access my site I see 403 Forbidden? Looks like IP Deny is working from my end then? I don't understand why is not working to me? I try to ban my ip but is not working either! I just blocked myself from my own site via IP Deny Manager (lol) and now when I access my site I see 403 Forbidden? Looks like IP Deny is working from my end then? After using the IP Deny Manager, my htaccess looked like: <Files 403.shtml> order allow,deny allow from all </Files> deny from **.***.***.*** This mine after I use IP deny manager: .htaccess ASCII text # -FrontPage- IndexIgnore .htaccess */.??* *~ *# */HEADER* */README* */_vti* <Limit GET POST> #The next line modified by DenyIP order allow,deny #The next line modified by DenyIP #deny from all allow from all </Limit> <Limit PUT DELETE> order deny,allow deny from all </Limit> AuthName e-hacking.com AuthUserFile /home1/stergos/public_html/_vti_pvt/service.pwd AuthGroupFile /home1/stergos/public_html/_vti_pvt/service.grp RewriteEngine On RewriteCond %{HTTP_HOST} ^e-hacking.com RewriteRule (.*) http://www.e-hacking.com/$1 [R=301,L] <Files 403.shtml> order allow,deny allow from all </Files> deny from 92.239.4.112
jje Posted April 14, 2011 Posted April 14, 2011 Try putting this in at the end of your .htaccess <Files 403.shtml> order allow,deny allow from all </Files> deny from **.***.***.*** Replace **.***.***.*** with the IP you want to block
stergos Posted April 14, 2011 Author Posted April 14, 2011 Try putting this in at the end of your .htaccess <Files 403.shtml> order allow,deny allow from all </Files> deny from **.***.***.*** Replace **.***.***.*** with the IP you want to block Try it he is still online...
jje Posted April 14, 2011 Posted April 14, 2011 What is this attacker actually doing to affect your site?
stergos Posted April 14, 2011 Author Posted April 14, 2011 What is this attacker actually doing to affect your site? It's a bot. every 3 sec is visit 2 different pages the last 2 days non-stop. Is there anyway to help me enable block feature please?
jje Posted April 14, 2011 Posted April 14, 2011 This support request is being escalated to our root admin.
stergos Posted April 14, 2011 Author Posted April 14, 2011 This support request is being escalated to our root admin. Ok thank you very much. Did I receive an answer from your team to this topic or via email?
Recommended Posts